{"report_id":"145271da-60aa-44ed-8a6b-07757e818687","version":6,"status":"done","tags":[],"date":"2026-05-04T13:10:51Z","url":{"schema":"http","addr":"yengeldmsendekatlmrmyap.click","fqdn":"yengeldmsendekatlmrmyap.click","domain":"yengeldmsendekatlmrmyap.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"http","addr":"yengeldmsendekatlmrmyap.click/","fqdn":"yengeldmsendekatlmrmyap.click","domain":"yengeldmsendekatlmrmyap.click","tld":"click"},"title":"Web Server's Default Page","dom":{"size":16433,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (9143)","md5":"66550b90586eb35d70889c552e0f2563","sha1":"cb94054a6f449cf67aa6cd79b49d58b1dd899558","sha256":"d71c0c23b29de5ccb450d5b9d8c081d694ebc5e9accb065a82cb3468a09b24c6","sha512":"83392f19776f9aac67c60c3ec614c864bfbb48a31ef835dae8804969fd5fbdc502145fd0aacd3c43d1a705b5d9f71b5fca68002bc8f8aea78f058b7bda810e0c","ssdeep":"192:XY6TUPW7YUd0xcP1bMW6XQ8Thb6nud3XOKxDVbidbv2IRiUCrmCwl/EdVcdYITP:dq9muRhiz26C/fcdDT","tlshash":"6172c6729257956f1123c0d5fbb66740338d844be809c669b6dea36c6fcfaa0e49370c","dom_hash":"domhash82e8e9f58d72e2ccb81b0d8b81f5e277","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"yengeldmsendekatlmrmyap.click","fqdn":"yengeldmsendekatlmrmyap.click","domain":"yengeldmsendekatlmrmyap.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-08T13:10:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:10:30Z","timestamp":1777900230,"ip_dst":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":58674,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-04T13:10:30.385629+0000\",\"flow_id\":1201734446104002,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.22\",\"src_port\":58674,\"dest_ip\":\"31.56.209.11\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"yengeldmsendekatlmrmyap.click\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":813},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":686,\"bytes_toclient\":1307,\"start\":\"2026-05-04T13:10:30.343490+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:10:30Z","timestamp":1777900230,"ip_dst":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":58674,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-04T13:10:30.699497+0000\",\"flow_id\":1201734446104002,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.22\",\"src_port\":58674,\"dest_ip\":\"31.56.209.11\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"yengeldmsendekatlmrmyap.click\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://yengeldmsendekatlmrmyap.click/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":4,\"bytes_toserver\":1255,\"bytes_toclient\":1816,\"start\":\"2026-05-04T13:10:30.343490+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"yengeldmsendekatlmrmyap.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"yengeldmsendekatlmrmyap.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"yengeldmsendekatlmrmyap.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"assets.plesk.com","ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"domain_registered":"1999-06-13","domain_rank":2025050,"first_seen":"2016-07-25T13:41:51Z","last_seen":"2026-04-30T12:35:35.110657Z","alert_count":0,"request_count":9,"received_data":325004,"sent_data":4615,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"uat-proxy.plesk.com","ip":{"addr":"63.34.73.81","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"1999-06-13","domain_rank":0,"first_seen":"2025-08-21T20:20:46.51845Z","last_seen":"2026-05-01T00:21:43.682364Z","alert_count":0,"request_count":2,"received_data":1941,"sent_data":1900,"comment":"","tags":null,"fingerprints":[{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"yengeldmsendekatlmrmyap.click","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-05-03","domain_rank":0,"first_seen":"2026-05-04T13:10:52.046415Z","last_seen":"2026-05-04T13:10:52.046415Z","alert_count":12,"request_count":3,"received_data":1946,"sent_data":1295,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/default-server-index.js","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"17c1c4a9c72520a1f0006cb0ac30e39d","sha1":"2badb9f917ad3173de18f979155caee3846819b7","sha256":"a44276679581dd744aa4fe4d26d9b62cb45e849a0319beba2b584674fe3943e5","sha512":"f1d3abafe04395d3c68b5a0b4e127c1e19ba2879be6f9acf2480363558827181b3136c1047fe4756003839e8188fe84955653b65b9a2dabe8f90d5abe33b9a84","ssdeep":"192:Pa8j2rrxw0dAZ+hbXIK6XocTqW1ryoBBX/Lfe28bz11NDHQi0HXHYQRQKkuTAiU2:ue/7H8XFDHqXvQKk4r79XXdDd","tlshash":"d6c21756b243717d02538ae5fbbb1310733a7418e0194278f29de3b61faf9a5c592b2c","size":26256,"data":"","first_seen":"2026-04-12T16:19:45.593408Z","last_seen":"2026-05-05T06:16:46.294376Z","times_seen":289,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/bundle.js","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"c63669a64d5d0807ea15a3f3dd7ebc07","sha1":"e176a68f0ef016c3427aeec09749ffa4fb982c47","sha256":"6e41e7f51fc6a20a2c9938138103af1d987c4bf5ab4bdb693616ed5ec9b8f36a","sha512":"aaf41785cd63d7430cfd7a8baced2c8c62597b253898905f4137c203cfb7128101a99dfb7533003489b89151da480e5f03f9fb0b43c371c6bd34e5c7c64a6cc7","ssdeep":"3072:LnxZf5p8dLNuBWj193dvr9T/16xWHtWJXg86dfWa:LxB6xYWjD3dhp6xWHtQMJ","tlshash":"2ad32b5531a1b17603da15d1f4394601f2391a54309cc8acfbfd98ebe8e68c69a37f39","size":137942,"data":"","first_seen":"2026-04-12T16:19:45.592096Z","last_seen":"2026-05-05T06:16:46.300988Z","times_seen":733,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"2b939ca011c8fde635eaa614bce22085","sha1":"158ae356dc8791be6e948e2093a9f230b3cbe008","sha256":"99c0bb45b72a3a85c823b41fb5453907df382273cbecb0c62b1440ca38c1c423","sha512":"4e6588d8d8ad1291c55d0ff084f3bfd8f4470bb3f26cc80b7b62f14629923c8ccb0b664f3c1354e0043a4e33ce03caa98953a96499fbd7c41121cbaf094d90c4","ssdeep":"192:0Y6TUPW7YUd0xcP1bMW6XQ8Thb6nud3XOKxDVbidbv2m20iUCrP7wlc/xVDdYIKX:qq9muRhiNcb7ZrDdDq","tlshash":"c072b672d287956f0113c094fbb66740738d844be809c669b6dea36c6fcfaa1e49370d","size":16427,"data":"","first_seen":"2026-05-04T13:10:56.543775Z","last_seen":"2026-05-04T13:10:56.543775Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/favicon-fc0691.ico","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/favicon-fc0691.ico HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:10:30 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 4286\r\nx-amz-id-2: VzJsoGOqdk/LD6g1xUjnjsF2CugVLi5y+BGludiOGlog3l8kuwQMp9fHjBQ/wuRoz9NFVULLXSo=\r\nx-amz-request-id: CVHSAMZW1D2Z2JPG\r\nlast-modified: Mon, 01 Dec 2025 09:47:29 GMT\r\nx-amz-version-id: JqcW_S9YcLEoN5iLWCRfb_rHRzI8nQ6W\r\netag: \"650b28c6cf1b473aed15ba26bad1da92\"\r\nx-77-nzt: k8uRNLcOQjd9S7h07zzV+hZEWk5lIJ7iRAnD+/qMl5giVzmYpRjke9oHaYYhhWZjPsN/dPA\r\nx-77-nzt-ray: 2a494a150f9dfd4feb9af8696c83fe2e\r\nx-77-cache: HIT\r\nx-77-age: 871136\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"650b28c6cf1b473aed15ba26bad1da92","sha1":"63f99c1d32ab6387db0f981f242fcefcb875ac21","sha256":"1f7437e15be65fcfd977e547e957da7950167f957deeac877086e9b66c11be87","sha512":"ee3c937542bdb10fc5a2bdf41fc6c89bfe699a870a69368f276963af3efbb711827e916dd05aa7e653524770f2e0bd0d38ee6a5e3b6c7255cac1cd74930b7541","ssdeep":"48:QwL+ah0QWs3z1gL9LSJN798lyBbr9bgozxXoAOg81XAHoctUjpeqeDzTCZmNV:QHaDxAiWSbq0S2Igepe9DT/","tlshash":"8891f3ef98b48405e259463c81cdd99b3d3e8a3db0f1e28d3a516c69dc33943abc9532","first_seen":"2023-04-30T20:36:14Z","last_seen":"2026-05-05T06:16:46.297002Z","times_seen":5420,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uat-proxy.plesk.com/","fqdn":"uat-proxy.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"63.34.73.81","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"uat-proxy.plesk.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Sun, 30 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C8:5B:6C:B7:19:D1:F4:7B:E1:8C:07:D2:A7:7E:84:36:29:07:F3:07","sha256":"4B:46:37:E8:81:F5:46:5D:48:54:2D:9C:36:A9:A2:1E:0E:BC:41:8C:54:04:8B:05:56:7D:21:4A:77:E1:C7:59"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: uat-proxy.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nOrigin: http://yengeldmsendekatlmrmyap.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:10:31 GMT\r\ncontent-length: 20\r\nset-cookie: AWSALB=ATom/bnUZiaLhTUoLs5kQhACLwUSUCgcpX1z5PtrBCR3M0FfjYeukxS81NOAjoX/fF6GvtsCfVBcFdjfnJnu3XRapWPRzkGCG49x5L/kajOxtXAB5it4LL7Hoyr5; Expires=Mon, 11 May 2026 13:10:30 GMT; Path=/\nAWSALBCORS=ATom/bnUZiaLhTUoLs5kQhACLwUSUCgcpX1z5PtrBCR3M0FfjYeukxS81NOAjoX/fF6GvtsCfVBcFdjfnJnu3XRapWPRzkGCG49x5L/kajOxtXAB5it4LL7Hoyr5; Expires=Mon, 11 May 2026 13:10:30 GMT; Path=/; SameSite=None; Secure\r\naccess-control-allow-headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent\r\naccess-control-allow-methods: POST\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-amz-request-id,x-amz-id-2,x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date\r\naccess-control-max-age: 172800\r\ncontent-encoding: gzip\r\nx-amzn-requestid: e8fdef45-7db6-75bf-8a8f-7242a98a0660\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T07:09:52.935599Z","times_seen":14675193,"resource_available":true,"data":null}},"time_used":467,"timings":{"blocked":157,"dns":28,"connect":34,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/fonts/inter-v12-latin-regular-be7cb1.woff2","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/fonts/inter-v12-latin-regular-be7cb1.woff2 HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nOrigin: http://yengeldmsendekatlmrmyap.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:10:30 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 16708\r\nx-amz-id-2: zQMm4Zau5tvywk+e7fwdXEO9N5GLKujvN8PxPUlcDYFVq/7LgeN5BShfugpvB1oQ9foQFovER+qrZyNq6i28q8kEC1x4/X+O\r\nx-amz-request-id: F8NH5PE2RG7594AE\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 0\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\nlast-modified: Mon, 01 Dec 2025 09:47:29 GMT\r\nx-amz-version-id: FLXzY1PkhMOuxxNBp3e3tQvF_ndGD7LC\r\netag: \"68c477c4c76baab3a8d1ef6a55aa986f\"\r\nx-77-nzt: k/Jlqb20itW4Z/PbfTDfyBgLKQdkrFXhXEzcuBDtPPipfggQS/BLQ2ubT4YV3AL39I9bGt4\r\nx-77-nzt-ray: 2a494a150fa34553eb9af869536ab92c\r\nx-77-cache: HIT\r\nx-77-age: 871157\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":16708,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16708, version 1.0","md5":"68c477c4c76baab3a8d1ef6a55aa986f","sha1":"4af50379e13514558dd53d123db8ea101ec5e24c","sha256":"0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac","sha512":"92b34fe3b7f82f10cf6de8027ac08f4a5b8764fb4e0b31c93da6e3d5bd08e0bc83b79fd70b8207a1066b689583e0b6976fa3c885b0c067ea343e6f2031d55d25","ssdeep":"384:Nd1nZ+hLc8g3/2AY8VL6UBP38Y1dDq6w9ZD:bJZpv3h1Z3x+9ZD","tlshash":"0572d092b7f2d6b84d28bdfe122b04099ca91d8729f113f25942362ba5b1c6484fd071","first_seen":"2023-04-09T06:32:51Z","last_seen":"2026-05-05T06:16:46.299098Z","times_seen":12131,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":15,"dns":1,"connect":1,"send":0,"wait":1,"receive":2,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/img/logo-81ca7a.svg","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/img/logo-81ca7a.svg HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:10:30 GMT\r\ncontent-type: image/svg+xml\r\nx-amz-id-2: lXyn3f8Ji2TgSmjnKyO5QuaX6E2yaA6PRjNZ3B0yOqMSGnnYlrtAaHX9Mkuh2/xwUFkX3jicHiM=\r\nx-amz-request-id: AKPM7EX0Z5YF6TRK\r\nlast-modified: Wed, 01 Oct 2025 14:43:44 GMT\r\nx-amz-version-id: n1OaEp3MifiWuinPTAjjnlM0TG0d5HoH\r\netag: W/\"50f16a34400340b368e0ac5a991997f4\"\r\nx-77-nzt: kz9sopTlfF4T7fh7/VUMaIns4NB8nQaMARxPh5kBOKfzNXt9JEBLMiyHA+7mBDbyrY1mTzc\r\nx-77-nzt-ray: 2a494a150f9dfd4feb9af869604aae2b\r\nx-77-cache: HIT\r\nx-77-age: 273917\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":2099,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"50f16a34400340b368e0ac5a991997f4","sha1":"acba5b50993b1ac89f8ecf9531dd2561fb9d8038","sha256":"a459426d178bf696ac29aed37f5c2e73e24ee716d578678440b6513f54721b7e","sha512":"9bcf4b3b9895cdc5c0b795084f026e6f13996aadb3b00b1873cceb24e690f2143cec74e9dcab993be8f5fde96a98322ff586547e24d165d98a161a859e074cea","ssdeep":"","tlshash":"d741ce728618c5ac96078638ce7580f22b1fa8f73a5a13b8d2ffc77074439c5d252928","first_seen":"2023-05-09T02:17:30Z","last_seen":"2026-05-05T06:16:46.299703Z","times_seen":4865,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/img/wpg-b313a8.svg","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/img/wpg-b313a8.svg HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:10:30 GMT\r\ncontent-type: image/svg+xml\r\nx-amz-id-2: U+hHAza3KSYKHAN5bQlziUnqcjM7RO3+6dOGnXFw1dFUTRQ+UiCXsSho2370icUj3apHTUL1e5gmr+7gjTMl1kbNb8IUnw5U\r\nx-amz-request-id: S3DEG71GQAYKNVEY\r\nlast-modified: Wed, 01 Oct 2025 14:43:44 GMT\r\nx-amz-version-id: uZVR1H0XetJJbnppT_0f44epDF_mQ2W7\r\netag: W/\"67b7f0f50fe6837597cc7ea4ac4e3fa3\"\r\nx-77-nzt: k7EWSXKZnhKFFj30bxA/dc3WcwoBUmK3/oAIx5GhiwFHBeNsKw9iba4K1fAOZ0nGfhHAkmc\r\nx-77-nzt-ray: 2a494a150f9dfd4feb9af869a384f32b\r\nx-77-cache: HIT\r\nx-77-age: 857374\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1304,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"67b7f0f50fe6837597cc7ea4ac4e3fa3","sha1":"9aafb23c2c7b4466d0ab05e3e115c82757706762","sha256":"a205e44bdfd4d85a52d1412f0923f5cbdaae73050ac51529fb70b7a80c4d0b93","sha512":"dfe5a5097d639fe7cab87ea1c8691951b2b6a04959762aa0d2b2660eeecf184da057846fa08492ecc79102896db39aac1b817da7d8b371023aee95c1b7d5a23a","ssdeep":"","tlshash":"eb21f6a11979d86c0d970bf2cf7e85933b9fd0b9b21583ed55536170500a2cdc5c6d5c","first_seen":"2024-05-01T23:57:27Z","last_seen":"2026-05-05T06:16:46.300367Z","times_seen":4849,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/bundle.js","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/bundle.js HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:10:30 GMT\r\ncontent-type: text/javascript\r\nx-amz-id-2: 3UPPtiIxcLy+VXJomj50dugrMhtT2fx3W5pILEnkbY2DziwrwtJs+ZJ9vCUY+A8J+z+6kTGD/d9pQiMr0tPsffQZzCLGVBTQ\r\nx-amz-request-id: FFZ46A051S8A51K9\r\nlast-modified: Wed, 08 Apr 2026 13:25:30 GMT\r\nx-amz-version-id: ov3_SDWC_g..Uf9gZKowcQe60B9Dum4S\r\netag: W/\"c63669a64d5d0807ea15a3f3dd7ebc07\"\r\nx-77-nzt: k3PTBp2UzmeZDLHZ4VoEtOxaNQ0sIGJeIrciB8xl7dllSrnlSebyCA0NcBXh9iaXTfkeai0\r\nx-77-nzt-ray: 2a494a150f9dfd4feb9af8690330002c\r\nx-77-cache: HIT\r\nx-77-age: 871157\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":137942,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c63669a64d5d0807ea15a3f3dd7ebc07","sha1":"e176a68f0ef016c3427aeec09749ffa4fb982c47","sha256":"6e41e7f51fc6a20a2c9938138103af1d987c4bf5ab4bdb693616ed5ec9b8f36a","sha512":"aaf41785cd63d7430cfd7a8baced2c8c62597b253898905f4137c203cfb7128101a99dfb7533003489b89151da480e5f03f9fb0b43c371c6bd34e5c7c64a6cc7","ssdeep":"3072:LnxZf5p8dLNuBWj193dvr9T/16xWHtWJXg86dfWa:LxB6xYWjD3dhp6xWHtQMJ","tlshash":"2ad32b5531a1b17603da15d1f4394601f2391a54309cc8acfbfd98ebe8e68c69a37f39","first_seen":"2026-04-12T16:19:45.592096Z","last_seen":"2026-05-05T06:16:46.300988Z","times_seen":733,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/img/robot-4b152c.svg","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/img/robot-4b152c.svg HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:10:30 GMT\r\ncontent-type: image/svg+xml\r\nx-amz-id-2: WPbKUjw1mp21ZSTMOs0CJaNu+SclWYi5g+j1aIPsZ2uhKUehWd0ioRyBlu9mpOJFWf4TW+OJwFY=\r\nx-amz-request-id: 9XK33DEKPAHJNA9G\r\nlast-modified: Wed, 01 Oct 2025 14:43:44 GMT\r\nx-amz-version-id: rCGYQ3D6amBozzV2DJc_C1STmhR27xMI\r\netag: W/\"a11790af7b8e734f7391d2695e96bfc8\"\r\nx-77-nzt: k+dY6uxnrlBNwGZW1DCP6eLLK8unmOSWBdQGCSP6mQOmaK6/qVzSLT3T0rQeIk07yVUY7fw\r\nx-77-nzt-ray: 2a494a150f9dfd4feb9af86905fc942c\r\nx-77-cache: HIT\r\nx-77-age: 90916\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":89014,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a11790af7b8e734f7391d2695e96bfc8","sha1":"af73e0993f9a486721d75bc21d6eb6e17104ece9","sha256":"01084e18312cb2af2d6b89b7348a7f1e5ae8faf10c0bd9ce478dd38adb2955a3","sha512":"8251f0b56927fa275e73d87f0964e9d755ec9105f464ed41f8741906eb5a9a450396b70bc89e42c341faec469fd9ea00ea043f9b98c6594a7c1f403978b7acf9","ssdeep":"1536:1EGgXdRFhrpPC8OGcFIgpDeeNrNPdUYbzyP:todXzcGcF7lrsGyP","tlshash":"2d93002cc358a3bc9d5787f88b3560b0769e50eeb0e19328897dc5b063529d8d2ef8d5","first_seen":"2023-05-01T16:30:05Z","last_seen":"2026-05-05T06:16:46.30157Z","times_seen":7323,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uat-proxy.plesk.com/","fqdn":"uat-proxy.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"63.34.73.81","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:31.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"uat-proxy.plesk.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Sun, 30 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C8:5B:6C:B7:19:D1:F4:7B:E1:8C:07:D2:A7:7E:84:36:29:07:F3:07","sha256":"4B:46:37:E8:81:F5:46:5D:48:54:2D:9C:36:A9:A2:1E:0E:BC:41:8C:54:04:8B:05:56:7D:21:4A:77:E1:C7:59"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: uat-proxy.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\namz-sdk-invocation-id: 897de3b3-851a-419d-84eb-6a28c2154a76\r\namz-sdk-request: attempt=1; max=3\r\nauthorization: AWS4-HMAC-SHA256 Credential=00000000000000000000/20260504/us-west-2/firehose/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=bd113d0319ae2f0a8320b9279c137958078edc7a41e57fd803557243122f8d8a\r\ncontent-type: application/x-amz-json-1.1\r\nx-amz-content-sha256: a038df24ad3c6df4733a0a8bdf6e0f83cb846b7f542b3d679bee17e63ed28cba\r\nx-amz-date: 20260504T131030Z\r\nx-amz-target: Firehose_20150804.PutRecord\r\nx-amz-user-agent: aws-sdk-js/3.1021.0 ua/2.1 os/Windows lang/js md/browser#Firefox_unknown api/firehose#3.1021.0 m/N,E,e\r\nContent-Length: 108\r\nOrigin: http://yengeldmsendekatlmrmyap.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":108,"data":"{\"DeliveryStreamName\":\"default-page-stats\",\"Record\":{\"Data\":\"MjAyNi0wNS0wNFQxMzoxMDozMC43OTlafFZJRVd8Cg==\"}}"}},"response":{"raw":"HTTP/2 400 Bad Request\r\ndate: Mon, 04 May 2026 13:10:31 GMT\r\ncontent-type: application/x-amz-json-1.1\r\ncontent-length: 115\r\nset-cookie: AWSALB=6nEjT2B2PIlsJ3pxGyHCsZgKMVxoEnCo0IK8fYAOUwjOGqXVoCnu70xjhoVCkKUwKFs+rRAW6erAuW06RauDYxL4jWPsSmAO2zVwwICX7vb5nbpyF/68d1vsNwEt; Expires=Mon, 11 May 2026 13:10:31 GMT; Path=/\nAWSALBCORS=6nEjT2B2PIlsJ3pxGyHCsZgKMVxoEnCo0IK8fYAOUwjOGqXVoCnu70xjhoVCkKUwKFs+rRAW6erAuW06RauDYxL4jWPsSmAO2zVwwICX7vb5nbpyF/68d1vsNwEt; Expires=Mon, 11 May 2026 13:10:31 GMT; Path=/; SameSite=None; Secure\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-amz-request-id,x-amz-id-2,x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date\r\ncontent-encoding: gzip\r\nx-amz-id-2: CfC5SNUfk41UHLiLZBMbUj821C1VuSuyRj/+YLHS9vKXGJe2TrbSzeyh8n1qxv1mUHFwZxuz+27e0S08oWHAsB1x0fsyfatC\r\nx-amzn-requestid: d5758504-cb43-f80c-b707-18033bd15cdb\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]}],"data":{"size":107,"size_decoded":0,"mime_type":"application/x-amz-json-1.1","magic":"JSON text data","md5":"5c435e7b8a7443a25d8317f4c7756515","sha1":"0b41c7cc1ae1c2af69aac626163270e948fb6043","sha256":"efa5829d50af9ef88d781b2dc5afe21ecfed83b28365e95d03c6ee111ee8d382","sha512":"dffcccf83279bde359c100cde9674b8bf4cbeb1d47eb38aa65ed04dd5b73298acd5654248770f0818b7a25e97e6577771497e69d072f755528ebe83efc69e7e7","ssdeep":"","tlshash":"03b01204921c7e3a13858197fcad8f8907dc256863851625041847ddb3cf6ab5203189","first_seen":"2025-03-24T17:54:49.014312Z","last_seen":"2026-05-05T06:16:46.297728Z","times_seen":1394,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yengeldmsendekatlmrmyap.click/","fqdn":"yengeldmsendekatlmrmyap.click","domain":"yengeldmsendekatlmrmyap.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-04T13:10:30.192Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: yengeldmsendekatlmrmyap.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T07:09:52.935599Z","times_seen":14675193,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":94,"dns":0,"connect":19,"send":0,"wait":0,"receive":0,"ssl":25},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:10:30Z","timestamp":1777900230,"ip_dst":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.22","port":58674,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-04T13:10:30.385629+0000\",\"flow_id\":1201734446104002,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.22\",\"src_port\":58674,\"dest_ip\":\"31.56.209.11\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"yengeldmsendekatlmrmyap.click\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":813},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":686,\"bytes_toclient\":1307,\"start\":\"2026-05-04T13:10:30.343490+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"yengeldmsendekatlmrmyap.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"yengeldmsendekatlmrmyap.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"yengeldmsendekatlmrmyap.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"yengeldmsendekatlmrmyap.click/","fqdn":"yengeldmsendekatlmrmyap.click","domain":"yengeldmsendekatlmrmyap.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-04T13:10:30.344Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: yengeldmsendekatlmrmyap.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 04 May 2026 13:10:30 GMT\r\nContent-Type: text/html\r\nContent-Length: 813\r\nConnection: keep-alive\r\nLast-Modified: Mon, 06 Apr 2026 12:58:19 GMT\r\nETag: \"67a-64eca388710c0-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1658,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (406)","md5":"b2d8856ecd91b1451dca7e7bead0a37c","sha1":"a7e19e613a252d73f89e03ec5bbb96886a35b224","sha256":"1632db182ac1233cb51e6393bebfa42ad4efc3159691da3aa6579b48e7b8fa38","sha512":"43e5978d8b4d77a0a0e8cc307237e2621392c840c0c1db5dc3fe09f33d2ac43e45b24fa56234938ca3d829c8e7acc0fbb8262014ddde3e01b3d2303646c9bab0","ssdeep":"","tlshash":"a03114f751a8901f0330f15a7f10a22c9a47984bddd999db728d185d3f45356c80729f","first_seen":"2026-02-22T10:46:17.925412Z","last_seen":"2026-05-04T21:13:14.58168Z","times_seen":60,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":19,"dns":0,"connect":19,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:10:30Z","timestamp":1777900230,"ip_dst":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.22","port":58674,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-04T13:10:30.385629+0000\",\"flow_id\":1201734446104002,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.22\",\"src_port\":58674,\"dest_ip\":\"31.56.209.11\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"yengeldmsendekatlmrmyap.click\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":813},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":686,\"bytes_toclient\":1307,\"start\":\"2026-05-04T13:10:30.343490+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"yengeldmsendekatlmrmyap.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"yengeldmsendekatlmrmyap.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"yengeldmsendekatlmrmyap.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/default-server-index.js","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/default-server-index.js HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:10:30 GMT\r\ncontent-type: text/javascript\r\nx-amz-id-2: WaO3YaNZeI7O10fHwWgbtV4OLUTJOZgHwuRUU9Y5ebAdeVST/NI7Hcccodvj1R+L7cDKy7gTAFzy+sv6xQrurUkSUENGAw1S\r\nx-amz-request-id: FFZ0F51XBTQJJQHC\r\nlast-modified: Wed, 08 Apr 2026 13:25:30 GMT\r\nx-amz-version-id: 2vhQcpK6wratfIf18NwQPJij2WZvvGol\r\netag: W/\"17c1c4a9c72520a1f0006cb0ac30e39d\"\r\nx-77-nzt: k+/1n4oVFDbLzCS7W1dIxw310zv9t3J070AK+IaGELvR0mlNLu0mhqWij9TtHuemmNb88cw\r\nx-77-nzt-ray: 2a494a150f9dfd4feb9af86950d8c71e\r\nx-77-cache: HIT\r\nx-77-age: 871114\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":26256,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17142)","md5":"17c1c4a9c72520a1f0006cb0ac30e39d","sha1":"2badb9f917ad3173de18f979155caee3846819b7","sha256":"a44276679581dd744aa4fe4d26d9b62cb45e849a0319beba2b584674fe3943e5","sha512":"f1d3abafe04395d3c68b5a0b4e127c1e19ba2879be6f9acf2480363558827181b3136c1047fe4756003839e8188fe84955653b65b9a2dabe8f90d5abe33b9a84","ssdeep":"192:Pa8j2rrxw0dAZ+hbXIK6XocTqW1ryoBBX/Lfe28bz11NDHQi0HXHYQRQKkuTAiU2:ue/7H8XFDHqXvQKk4r79XXdDd","tlshash":"d6c21756b243717d02538ae5fbbb1310733a7418e0194278f29de3b61faf9a5c592b2c","first_seen":"2026-04-12T16:19:45.593408Z","last_seen":"2026-05-05T06:16:46.294376Z","times_seen":289,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":33,"dns":20,"connect":1,"send":0,"wait":2,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"yengeldmsendekatlmrmyap.click/favicon.ico","fqdn":"yengeldmsendekatlmrmyap.click","domain":"yengeldmsendekatlmrmyap.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.676Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: yengeldmsendekatlmrmyap.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T07:09:52.935599Z","times_seen":14675193,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:10:30Z","timestamp":1777900230,"ip_dst":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.22","port":58674,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-04T13:10:30.699497+0000\",\"flow_id\":1201734446104002,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.22\",\"src_port\":58674,\"dest_ip\":\"31.56.209.11\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"yengeldmsendekatlmrmyap.click\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://yengeldmsendekatlmrmyap.click/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":4,\"bytes_toserver\":1255,\"bytes_toclient\":1816,\"start\":\"2026-05-04T13:10:30.343490+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"yengeldmsendekatlmrmyap.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"yengeldmsendekatlmrmyap.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"yengeldmsendekatlmrmyap.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/img/stars-fb15b6.svg","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/img/stars-fb15b6.svg HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:10:30 GMT\r\ncontent-type: image/svg+xml\r\nx-amz-id-2: e0zZL4J4kiVwNkbEVuIPpjnB/aejT/2treQ2p41oZPZXlezngGOyNd6H6phRbv3sapi7XoOLXMA=\r\nx-amz-request-id: AVJ8AWZ2TEN89TKF\r\nlast-modified: Wed, 01 Oct 2025 14:43:44 GMT\r\nx-amz-version-id: Up8sAenBbTqZtWPLG5melXtHHLPmg.QS\r\netag: W/\"18aa9407cb97208391f24bcef249457f\"\r\nx-77-nzt: k/lYh7VPBd9jvcokTvDJg7vw7n7/ZI0SSIND9/uUFRPpir6U11WBIncE75tJ3QHM4GQ2hJw\r\nx-77-nzt-ray: 2a494a150f9dfd4feb9af869871e7a2c\r\nx-77-cache: HIT\r\nx-77-age: 934976\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":23587,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"18aa9407cb97208391f24bcef249457f","sha1":"c76eef71591d7d92fb30f51b49dadf16ae600a05","sha256":"30628c4c5254e81ed7f953bd449c6976ce87210089c4b221f00c3a7a5d597736","sha512":"2092a8b785ed8edf6e63312a7d70ca42932851f3b491604bb6e3fa861c05c82ffcd2b3461c7b17fa3af6e73351b70acfcc1e4e20bf2ae00606a565c6a2f1867e","ssdeep":"96:ruEAlHCq+7wX+MTntIRT1jTgNOHgWIl0a6IP+5bDTIjvPj5jBjF76ydRyuK:y0COXRhRVxsDZB93dQp","tlshash":"a1b28fbd1397d9ec7c02e990be7611e3e52fe2dd209c07d09079c6202bd26dae78e585","first_seen":"2023-04-30T21:16:24Z","last_seen":"2026-05-05T06:16:46.295472Z","times_seen":7348,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/fonts/inter-v12-latin-700-54321e.woff2","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://yengeldmsendekatlmrmyap.click/","date":"2026-05-04T13:10:30.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/fonts/inter-v12-latin-700-54321e.woff2 HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://yengeldmsendekatlmrmyap.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yengeldmsendekatlmrmyap.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:10:30 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 17784\r\nx-amz-id-2: gWjs8qPPcF38ip/4M2uRL/sK92mBwdAO8H96h85zaVJcawBr8KQIQjOvLOdH5QmV+k14PNHdXlA=\r\nx-amz-request-id: F8NTTMYN1QKWAHR1\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 0\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\nlast-modified: Mon, 01 Dec 2025 09:47:29 GMT\r\nx-amz-version-id: fR5BRNIdeneYGhReRTKVWmhWLyrKPBF8\r\netag: \"8d7a3f034881d1712b3325cc71425c10\"\r\nx-77-nzt: k2ySDV5OjrtgUhiDTxAQseKDKL/e0vUfqAYhOVBRbpTSxW3ONLOSM3nJKpQnnL0OsnYSADk\r\nx-77-nzt-ray: 2a494a150fa34553eb9af8695e9e522d\r\nx-77-cache: HIT\r\nx-77-age: 871157\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":17784,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 17784, version 1.0","md5":"8d7a3f034881d1712b3325cc71425c10","sha1":"9594f24367800a20297a96c2d4f957e62c63e207","sha256":"ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3","sha512":"e7edbfcbb46c2df1de915c59bc6188d8b068bd5ec3c97ba73659829dc30c7db73de9d150db72621101e4f6a5b74c771bf5d624712c9cba391ddb04a9e7c91cb3","ssdeep":"384:ADWWIntFC5IYQXXkFENAQzkJj3r5dzt+eb7SOd:kWWIne5I3X0F0RK7vWW","tlshash":"c382d0eab27c8431fd1693390c48aad07dc72d5ec68e314c571890817a57297acdee63","first_seen":"2023-04-30T17:57:31Z","last_seen":"2026-05-05T06:16:46.296244Z","times_seen":10377,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}